John Reese jpreese
jpreese
/ k8swrapper_poc.rego
Created
July 7, 2019 20:39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package kubewrap | |
| # This is a proof of concept to allow us to use the same policies for both k8s manifests | |
| # and admission controllers. | |
| # This may be a good open source candidate if there are no other alternatives. | |
| default is_admission_review = false | |
| is_admission_review { | |
| input.kind == "AdmissionReview" |
jpreese
/ strategy.go
Created
July 22, 2019 20:32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * RETURN INTERFACE | |
| */ | |
| type Parser interface { | |
| Unmarshal(p []byte, v interface{}) error | |
| } | |
| func GetParser(fileName string) Parser { | |
| suffix := filepath.Ext(fileName) |
jpreese
/ readibility_compare.go
Last active
October 30, 2019 17:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // EXAMPLE 1 | |
| for i := range feed.Index[mixin][version].Files { | |
| if feed.Index[mixin][version].Files[i].File == filename { | |
| if feed.Index[mixin][version].Files[i].Updated.Before(updated) { | |
| feed.Index[mixin][version].Files[i].Updated = updated | |
| } | |
| return nil | |
| } | |
| } |
jpreese
/ kforward.go
Created
February 13, 2020 21:57
Helper function to forward ports on a Kubernetes pod and run a function
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Pod starts a port-forward on a given pod | |
| func Pod(config *rest.Config, namespace string, pod string, ports []string, fn func() error) error { | |
| roundTripper, upgrader, err := spdy.RoundTripperFor(config) | |
| if err != nil { | |
| return fmt.Errorf("get roundtripper: %w", err) | |
| } | |
| path := fmt.Sprintf("/api/v1/namespaces/%s/pods/%s/portforward", namespace, pod) | |
| hostIP := strings.TrimLeft(config.Host, "https://") | |
| serverURL := url.URL{Scheme: "https", Path: path, Host: hostIP} |
jpreese
/ Dockerfile
Last active
April 14, 2020 18:55
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| FROM golang:1.13 as builder | |
| RUN apt-get update \ | |
| && apt-get install unzip | |
| # Install terraform-bundle | |
| RUN git clone \ | |
| --depth 1 \ | |
| --single-branch \ | |
| --branch "v0.12.0" \ | |
| https://github.com/hashicorp/terraform.git \ |
jpreese
/ repository-config.yaml
Last active
April 14, 2020 18:47
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| repos: | |
| # The list of repositories Atlantis watches. Supports wildcards/* | |
| - id: dev.azure.com/org/project/first-repo | |
| # Only allow "apply" comments if the PR is approved and can be merged | |
| apply_requirements: [approved, mergeable] | |
| workflow: terragrunt | |
| # Instead of terraform commands, run these for plan and apply | |
| workflows: |
jpreese
/ azure-devops-helper.sh
Created
April 8, 2020 15:22
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # These values are already provided to the container from | |
| # the Kubernetes manifest. | |
| echo username=$ATLANTIS_AZUREDEVOPS_WEBHOOK_USER | |
| echo password=$ATLANTIS_AZUREDEVOPS_TOKEN |
jpreese
/ .gitconfig
Created
April 8, 2020 15:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [credential "https://dev.azure.com"] | |
| helper = "/bin/sh /home/atlantis/azure-devops-helper.sh" |
jpreese
/ terraform-bundle.hcl
Created
April 14, 2020 16:23
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # The version of Terraform to include with the bundle. | |
| terraform { | |
| version = "0.12.21" | |
| } | |
| # The providers to pre-download and include in the Atlantis image. | |
| providers { | |
| azurerm = ["~> 2.0.0"] | |
| azuread = ["~> 0.7.0"] | |
| random = ["~> 2.2.0"] |
jpreese
/ required-owner-policy.rego
Last active
May 25, 2020 18:14
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| violation[msg] { | |
| input.kind == "Namespace" | |
| not input.metadata.labels["owner"] | |
| msg := "All namespaces must contain an owner label" | |
| } |